"We go through these waves where the threats change, and the defenses aren't so good against the new threats," said John Pescatore, the longtime former Gartner analyst and now the director of emerging security trends for the Bethesda, Md.-based SANS Institute. "The excrement hits the fan a lot more and we start talking about response. Then the defenses get a little better and we get some equilibrium until the next wave of threats comes along."

In this interview, Pescatore and SearchSecurity Executive Editor Eric B. Parizo debate whether the current wave of advanced targeted attacks has forced enterprises to make fundamental changes to their security postures. While Pescatore asserts the industry is simply going through yet another cycle in which attackers are outpacing defenders, Parizo asserts that increasing breach time-to-detection rates show enterprises are changing because they're losing the battle.

Pescatore offers lessons learned from the massive 2013 Target data breach, emphasizing the need for the industry to advance beyond single-factor authentication and implement network segmentation. He also discusses how the Heartbleed OpenSSL flaw demonstrates how successfully the industry can implement a broad-based response to a wide-ranging security flaw.

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy